Data Subject Rights

Teleskope's Data Subject Rights feature makes executing Deletion and Access requests simple and automated. Most DSR requests - otherwise known as the Rights to Know, Delete, or be Forgotten - enforce strict timelines as detailed at the bottom of this page.

First, configure your DSR ecosystem by enrolling datastores and third party integrations:

  1. Enrollment - Enroll specific tables that should be subject to deletion or access requests. Optionally, enroll date-sharded tables to propagate deletions to future tables.

  2. Integrations - Set up each 3rd party integration like Stripe, Hubspot, or Mailchimp in order to process deletion and access requests, and limit what sorts of requests can be performed on each.

  3. Webhooks - Create webhooks to Post access and deletion requests to services without integrations or custom data stores.

  4. Identifiers - Detail unique identifiers to enable deletion requests for company or industry-specific identity references.

  5. Settings - Configure DSR Customizations, emails to vendors where automation is not supported, and Slack notifications.

Then, process your request:

  1. Submit - Return to the Requests tab, and submit a new DSR request. Input the request type and identifiers and click submit.

  2. Tasks - In each subtab, you're able to click into a request to view which table or integration is currently being processed, when each succeeds, and which, if any, failed.

Regulatory DSR requirements

United States DSRs

Framework
Time to Reply (days)
Extension (days)

CA - CCPA & CPRA

25

25

VA - CDPA

45

45

CO - CPA

45

45

UT - UCPA

45

45

TX - TDPSA

45

45

MO - MTCDPA

45

45

CT - CTDPA

45

45

OR - OCPA

45

45

IA - ICDPA

90

45

International DSRs

Framework
Time to Reply (days)
Extension (days)

EU - GDPR

28

61

BR - LGPD

"Immediately"

15

UK - GDPR & DPA

~28

61

JP - APPI

"Without delay"

CA - PIPEDA

~30

AU - Cth & APPs

~30

SG - PDPA

30

Last updated